Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
×
Join the Conversation
Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
- Find Answers
- :
- About cyber_Maddy
cyber_Maddy
Engager
Member since:
08-10-2021
05-02-2022
Community Statistics
| Posts | 12 |
| Solutions | 0 |
| Karma Given | 0 |
| Karma Received | 0 |
| Member Since | 08-10-2021 |
Activity Feed
- Posted Re: query to find out activity towards a particular URL on Splunk Enterprise Security. 05-02-2022 01:31 AM
- Posted Help with query to find out activity towards a particular URL on Splunk Enterprise Security. 05-02-2022 12:26 AM
- Posted Re: The search specifies a macro 'summariesonly' that cannot be found on Splunk Cloud Platform. 02-20-2022 09:09 PM
- Posted How to enable the macro 'summariesonly'? on Splunk Cloud Platform. 02-17-2022 04:58 AM
- Posted Re: Account deleted query on Splunk Search. 10-27-2021 10:40 PM
- Posted Account deleted query on Splunk Search. 10-26-2021 01:28 AM
- Posted Real time alert option not available on Alerting. 10-22-2021 12:15 AM
- Posted How to install enterprise security app on Splunk cloud? on Splunk Dev. 10-12-2021 08:30 AM
- Posted Home page should be alert page on Splunk Dev. 10-12-2021 02:42 AM
- Posted Re: The default page needs to be changed after login. on Splunk Dev. 10-07-2021 09:29 PM
- Posted Re: The default page needs to be changed after login. on Splunk Dev. 10-07-2021 09:59 AM
- Posted The default page needs to be changed after login. on Splunk Dev. 10-07-2021 07:00 AM
Topics I've Started
| Subject | Karma | Author | Latest Post |
|---|---|---|---|
| 0 | |||
| 0 | |||
| 0 | |||
| 0 | |||
| 0 | |||
| 0 | |||
| 0 |
05-02-2022
01:31 AM
There is a malicious website Eg: https://xxxx.xxxx.com I just wanted to find out if anybody tried to access the URLhttps://xxxx.xxxx.com from my organization or any communication from the malicious URL https://xxxx.xxxx.com to our network. Firewall , Crowdstrike - are the available data
... View more
02-20-2022
09:09 PM
I can replace `summariesonly' by summariesonly=t , but all the scheduled alerts are not working. Should I create new alerts with summariesonly=t or any other solution to solve this issue ?
... View more
10-27-2021
10:40 PM
I need to exclude the computer account ends with $, with the above query I am getting the result including computer account $. Can anyone please help me with this search query?
... View more
10-24-2021
09:43 AM
Hi cyber_Maddy, Overuse of real-time search can result in performance costs and in this you are not able to scheduled a real-time alert because of restrictions that have applied in your environment Options for restricting real-time search are as follows: 1) Disable real-time search at the indexer level by editing indexes.conf for specific indexes. 2) Disable real-time search for particular roles and users. 3) Edit limits.conf to reduce the number of real-time searches that can be run concurrently at any given time. 4) Edit limits.conf to restrict indexer support for real-time searches. The documentation, How to restrict usage of real-time search is where you will want to go. https://docs.splunk.com/Documentation/Splunk/8.2.2/Search/Restrictrealtimesearch Also, make sure you're reading the documentation for your version of Splunk. ------ An upvote would be appreciated and Accept Solution if it helps!
... View more
10-12-2021
08:48 AM
You can use a search like this to create a dashboard for your homepage. index=_audit action=alert_fired ss_app=* | eval ttl=expiration-now() | search ttl>0 | convert ctime(trigger_time) | table trigger_time ss_name severity | rename trigger_time as "Alert Time" ss_name as "Alert Name" severity as "Severity"
... View more
10-07-2021
09:29 PM
Is there any app or any other options to show all the triggered alerts on the home page? I need all the alert needs to be displayed after login in to splunk. Can you please help me?
... View more
Contact Me
| Online Status |
Offline
|
| Date Last Visited |
05-02-2022
05:10 AM
|
